CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2024-0099
https://notcve.org/view.php?id=CVE-2024-0099
13 Jun 2024 — NVIDIA vGPU software for Linux contains a vulnerability in the Virtual GPU Manager, where the guest OS could cause buffer overrun in the host. A successful exploit of this vulnerability might lead to information disclosure, data tampering, escalation of privileges, and denial of service. El software NVIDIA vGPU para Linux contiene una vulnerabilidad en Virtual GPU Manager, donde el sistema operativo invitado podría provocar un desbordamiento del búfer en el host. Una explotación exitosa de esta vulnerabilid... • https://nvidia.custhelp.com/app/answers/detail/a_id/5551 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 21EXPL: 0CVE-2024-0091
https://notcve.org/view.php?id=CVE-2024-0091
13 Jun 2024 — NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where a user can cause an untrusted pointer dereference by executing a driver API. A successful exploit of this vulnerability might lead to denial of service, information disclosure, and data tampering. El controlador de pantalla GPU NVIDIA para Windows y Linux contiene una vulnerabilidad en la que un usuario puede provocar una desreferencia de un puntero que no es de confianza ejecutando una API del controlador. Una explotación exitos... • https://nvidia.custhelp.com/app/answers/detail/a_id/5551 • CWE-822: Untrusted Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2024-0089
https://notcve.org/view.php?id=CVE-2024-0089
13 Jun 2024 — NVIDIA GPU Display Driver for Windows contains a vulnerability where the information from a previous client or another process could be disclosed. A successful exploit of this vulnerability might lead to code execution, information disclosure, or data tampering. NVIDIA GPU Display Driver para Windows contiene una vulnerabilidad en la que se podría revelar información de un cliente anterior u otro proceso. Una explotación exitosa de esta vulnerabilidad podría provocar la ejecución de código, la divulgación d... • https://nvidia.custhelp.com/app/answers/detail/a_id/5551 • CWE-665: Improper Initialization •
CVSS: 6.1EPSS: 0%CPEs: 16EXPL: 0CVE-2024-0075
https://notcve.org/view.php?id=CVE-2024-0075
27 Mar 2024 — NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where a user may cause a NULL-pointer dereference by accessing passed parameters the validity of which has not been checked. A successful exploit of this vulnerability may lead to denial of service and limited information disclosure. NVIDIA GPU Display Driver para Windows y Linux contiene una vulnerabilidad en la que un usuario puede provocar una desreferencia de puntero NULL al acceder a parámetros pasados cuya validez no se ha verifi... • https://nvidia.custhelp.com/app/answers/detail/a_id/5520 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-0073
https://notcve.org/view.php?id=CVE-2024-0073
27 Mar 2024 — NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer when the driver is performing an operation at a privilege level that is higher than the minimum level required. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. NVIDIA GPU Display Driver para Windows contiene una vulnerabilidad en la capa del modo kernel cuando el controlador realiza una operación con un nivel d... • https://nvidia.custhelp.com/app/answers/detail/a_id/5520 • CWE-250: Execution with Unnecessary Privileges •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-0071
https://notcve.org/view.php?id=CVE-2024-0071
27 Mar 2024 — NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can cause an out-of-bounds write. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. NVIDIA GPU Display Driver para Windows contiene una vulnerabilidad en la capa de modo de usuario, donde un usuario normal sin privilegios puede provocar una escritura fuera de los límites. Una exp... • https://nvidia.custhelp.com/app/answers/detail/a_id/5520 • CWE-125: Out-of-bounds Read •
CVSS: 5.4EPSS: 0%CPEs: 17EXPL: 2CVE-2023-44216
https://notcve.org/view.php?id=CVE-2023-44216
26 Sep 2023 — PVRIC (PowerVR Image Compression) on Imagination 2018 and later GPU devices offers software-transparent compression that enables cross-origin pixel-stealing attacks against feTurbulence and feBlend in the SVG Filter specification, aka a GPU.zip issue. For example, attackers can sometimes accurately determine text contained on a web page from one origin if they control a resource from a different origin. PVRIC (PowerVR Image Compression) en Imagination 2018 y dispositivos GPU posteriores ofrece compresión tr... • https://arstechnica.com/security/2023/09/gpus-from-all-major-suppliers-are-vulnerable-to-new-pixel-stealing-attack • CWE-203: Observable Discrepancy •
CVSS: 4.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-31014
https://notcve.org/view.php?id=CVE-2023-31014
20 Sep 2023 — NVIDIA GeForce Now for Android contains a vulnerability in the game launcher component, where a malicious application on the same device can process the implicit intent meant for the streamer component. A successful exploit of this vulnerability may lead to limited information disclosure, denial of service, and code execution. NVIDIA GeForce Now para Android contiene una vulnerabilidad en el componente de inicio del juego, donde una aplicación maliciosa en el mismo dispositivo puede procesar la intención im... • https://nvidia.custhelp.com/app/answers/detail/a_id/5476 • CWE-668: Exposure of Resource to Wrong Sphere CWE-927: Use of Implicit Intent for Sensitive Communication •
CVSS: 7.8EPSS: 0%CPEs: 34EXPL: 0CVE-2023-25515 – Gentoo Linux Security Advisory 202405-28
https://notcve.org/view.php?id=CVE-2023-25515
23 Jun 2023 — NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where unexpected untrusted data is parsed, which may lead to code execution, denial of service, escalation of privileges, data tampering, or information disclosure. Multiple vulnerabilities have been discovered in NVIDIA Drivers, the worst of which could result in root privilege escalation. Versions greater than or equal to 470.223.02 are affected. • https://https://nvidia.custhelp.com/app/answers/detail/a_id/5468 • CWE-822: Untrusted Pointer Dereference •
CVSS: 6.1EPSS: 0%CPEs: 23EXPL: 0CVE-2023-0199 – Gentoo Linux Security Advisory 202310-02
https://notcve.org/view.php?id=CVE-2023-0199
22 Apr 2023 — NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer handler, where an out-of-bounds write can lead to denial of service and data tampering. Multiple vulnerabilities have been discovered in NVIDIA Drivers, the worst of which could result in root privilege escalation. Versions greater than or equal to 470.182.03 are affected. • https://nvidia.custhelp.com/app/answers/detail/a_id/5452 • CWE-787: Out-of-bounds Write •